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DETAILED ACTION 

1 . This action is in response to Claim Amendments and remarks filed by Applicant's 
representative on March 26, 2008. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on March 
26, 2008 has been entered. 

Response to Amendments and Remarks 

1 . With respect to Applicant's latest submission, Applicant's arguments / claim 
amendments filed March 26, 2008 have been fully considered but are now considered 
moot in light of the new grounds of rejection provided below for the current set of 
pending claims. 
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Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1- 3, 10-15, 23-25, 27-29, 31, 35-38, and 40 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Shanumgam et al (hereinafter Shanumgam), U.S. 
Patent US 7,032,022 B1 in view of Menditto et al (hereinafter Menditto), U.S. Patent 
6,981 ,029 and in further view of Applicant's Admitted own Prior Art (AAPA). 

As per Claims 1 , 1 1 , 1 2, 23, 24 and 36, Shanumgam in view of Menditto discloses a 
method to distribute policies, comprising [Abstract]: 

determining if a policy template is present at an enforcement point (Policy 
Enforcers 142 / 126) [Fig. 1] [col 1 , L65 - col 2, L26] in response to receiving an 
identification (ID) (i.e., Policy Identifier {ID} ) [col 10, L53] assigned to the policy 
template at the enforcement point; (Menditto: [col 3, L1-29] [col 6, L16-53] [col 9, L37- 
62] [col 12, L20 -col 13, L6] ) wherein the policy template includes a form of "if a first 
parameter then a second parameter", the policy template and the parameters being 
transmitted separately to reduce use of communication resources by factoring the 



Application/Control Number: 10/707,408 Page 4 

Art Unit: 2100 

template and parameters to be used in the template and to permit different parameters 
to be transmitted from time to time to replace previous parameters in the policy template 
without the need of transmitting the entire policy template again to further reduce use of 
communication resources; 

transmitting a query from the enforcement point to a repository, where policy 
templates are stored, in response to the policy template not being present at the 
enforcement point, wherein the query includes the ID assigned to the policy template; 
(Menditto: [col 3, L1-29] [col 6, L16-53] [col 9, L37-62] [col 12, L20 -col 13, L6] ) 

receiving the policy template at the enforcement point, wherein the policy 
template is transmitted by the repository in response to the query; (Menditto: [col 3, L1- 
29] [col 6, L16-53] [col 9, L37-62] [col 12, L20-col 13, L6] )and 

receiving a set of parameters (i.e., attributes) [col 19, L49-65] to be used in the 
policy template (e.g., selected policy enforcer 'settings') [Abstract] [Fig. 5] [col 8.L20-54] 
at the enforcement point (i.e., 411) [Fig. 5] [Figs. 1-4, 13-14 & 17] [col 1, L65-col 2, 
L26] wherein the set of parameters are transmitted separately from the policy template. 

While Shanumgam discloses substantial features of the invention, such as Policy 
Server Database 130, Policy Enforcement Points 124 / 126, Policy Settings for the 
Policy Enforcers, and Policy Identifer (ID) Attribute 724 for identifying a particular policy 
rule in the list of policies, and a method of distributing / replicating the 'policies' 
(including their Policy ID) from Policy Server to Policy Enforcers 124 / 126, the 
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additionally recited features of the method comprising the steps of determining if a 
policy template is present at an enforcement point in response to receiving an 
identification (ID) assigned to the policy template at the enforcement point; transmitting 
a query from the enforcement point to a repository, where policy templates are stored, 
in response to the policy template not being present at the enforcement point, wherein 
the query includes the ID assigned to the policy template; and receiving the policy 
template at the enforcement point, wherein the policy template is transmitted by the 
repository in response to the query are disclosed by Menditto in a related endeavor. 

Menditto discloses as his invention an information service provider network that 
includes a content gateway to process requests for information from a client terminal. 
The content gateway includes a router for receiving a request for information from the 
client terminal. The router forwards the request according to the domain name to a 
selected one of a plurality of processors to further process the request. The selected 
one of the plurality of processors identifies an information source to satisfy the request 
in response to the additional content of the request [Abstract] [col 1, L45-53] [Figs. 1 & 
3]. As part of his invention, Menditto discloses that "Content Gateways 18 distribute 
information from content providers 14 either directly or through content delivery nodes 
22 to client terminals 16 according to Content Gateway Policy Manager 26 (CGPM). 
CGPM 26 is a management node in information service provider 12 that serves as a 
repository tor content policies and communicates with content gateways 18 to distribute 
content policies within information service provider 12 and exchange policies with other 
CGPMs in other information service providers" [col 2, L43-53]. 
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In particular, Menditto discloses the additionally recited features of the method 
comprising the steps of determining if a policy template is present at an enforcement 
point in response to receiving an identification (ID) assigned to the policy template at the 
enforcement point; transmitting a query from the enforcement point to a repository, 
where policy templates are stored, in response to the policy template not being present 
at the enforcement point, wherein the query includes the ID assigned to the policy 
template; and receiving the policy template at the enforcement point, wherein the policy 
template is transmitted by the repository in response to the query [col 3, L1-29][col 6, 
L16-53] (e.g., "...content policy may be downloaded to content gateway 18 on- 
demand....") [col 7, L1-53] [col 8, L27-30] (e.g., ...content policy associated with a 
query... receiving policy updates from CGPM 26 and processing subsequent requests 
according to the newly installed policy.) [col 9, L37-62] [col 12, L20 -col 13, L6]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to combine and/or modify Shanumgam's invention with the above said 
additionally recited features, as disclosed by Menditto for the motivation of providing 
systems and method for processing a request for information in a network that has 
considerable advantages over conventional routing techniques (e.g. determining a 
source of information based on the additional content of a request apart from the 
domain name associated therewith) [col 1 , L54 - col 2, L2]. 

Further, while the combination of Shanumgam and Menditto discloses substantial 
features of the invention, as above, the additional recited feature of wherein the policy 
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template includes a form of "if a first parameter then a second parameter", the policy 
template and the parameters being transmitted separately to reduce use of 
communication resources by factoring the template and parameters to be used in the 
template and to permit different parameters to be transmitted from time to time to 
replace previous parameters in the policy template without the need of transmitting the 
entire policy template again to further reduce use of communication resources is well- 
known and expressly disclosed in view of Applicant's Admitted own Prior Art. 

With respect to Applicant's background for his own invention, Applicant states the 
following: 

"Policies may be defined or developed to control software applications, network 
management, e-commerce or business or similar communications or data 
processing activities . Such policies may include 'if-then' clauses or similar 
statements or definitions. An example of one policy may be "if some 
precondition, then perform some predefined action, or set some value or the 
like." In another example, the policy may be "if some precondition and some 
other precondition or preconditions, then perform some predefined action, set 
some value or the like." Policies can have a typical lifecycle. Overtime, policies 
may be updated to meet changing conditions or needs or may become outdated 
and deleted or changed to new policies. Efficiently defining, storing, distributing 
and enforcing policies can be a challenge . Under some circumstances only 
minor changes or selected parameters or values used in a policy or related group 
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of policies may need to be changed. Defining an entirely new policy or policies, 
distributing the policies to all enforcement points and making adjustments at each 
of the enforcement points to implement and enforce the policies may be 
burdensome, time consuming and involve inefficient use of limited data 
processing, storage and communication resources." [Application Background of 
the Invention: 0002] 

It would thus be obvious to combine and/or modify the combination of 
Shanumgam and Menditto with the above well-known feature as disclosed by Applicant 
for the motivation of efficiently providing 'updates' to policies and/or policy templates 
that defined the policies, including policy parameters that comprise the policy / policy 
templates. 

Claims 11, 1 2, 23, 24 and 36 recite the same limitations as claim 1 , are 
distinguished only by statutory category, and thus rejected on the same basis. 

As per Claims 2, 1 3, 29 and 37, Shanumgam discloses the method of claim 1 , binding 
the parameters to the policy template [Abstract] [Figs. 5 & 17] [col 20, L22-47]. 

As per Claims 3, 14 and 38, Shanumgam discloses the method of claim 2, further 
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comprising implementing the policy associated with the policy template [Figs. 1-5, 15 & 
17] [col 1, L65-col 2, L26]. 

As per Claim 1 5, Shanumgam discloses the method of claim 1 1 , further comprising 
storing each one of the at least one set of parameters by name and type [col 13, L24- 
30]. 

As per Claims 31 and 40, Shanumgam discloses the method of claim 1 , further 
comprising transmitting any policy templates to the enforcement point or any of the 
selected enforcement points in response to a query from the enforcement point or any 
of the selected enforcement points including any IDs assigned to the policy templates. 

As per Claims 10, 28 and 35, Shanumgam in view of Menditto discloses a method to 
distribute policies, comprising: 

defining a policy template associated with each policy; assigning a unique 
identification (ID) to each policy template [Abstract]; wherein the policy template 
includes a form of "if a first parameter then a second parameter", the policy template 
and the parameters being transmitted separately to reduce use of communication 
resources by factoring the template and parameters to be used in the template and to 
permit different parameters to be transmitted from time to time to replace previous 
parameters in the policy template without the need of transmitting the entire policy 
template again to further reduce use of communication resources; 



Application/Control Number: 10/707,408 Page 10 

Art Unit: 2100 

storing each policy template and assigned ID (130) [Fig. 1]; and 

transmitting only the assigned ID to an enforcement point for each policy to be 
enforced by the enforcement point, wherein only the ID is transmitted to the 
enforcement point rather than the policy template to substantially minimize use of data 
processing and communication resources (i.e., 411) [Fig. 5] [Figs. 1-4, 13-14 & 17] [col 
1, L65-col 2, L26]; 

determining if a policy template is present at an enforcement point (Policy 
Enforcers 142 / 126) [Fig. 1] [col 1 , L65 - col 2, L26] in response to receiving an 
identification (ID) (i.e., Policy Identifier {ID} ) [col 10, L53] assigned to the policy 
template at the enforcement point; (Menditto: [col 3, L1-29] [col 6, L16-53] [col 9, L37- 
62] [col 12, L20 -col 13, L6] ) 

transmitting a query from the enforcement point to a repository, where policy 
templates are stored, in response to the policy template not being present at the 
enforcement point, wherein the query includes the ID assigned to the policy template; 
(Menditto: [col 3, L1-29] [col 6, L16-53] [col 9, L37-62] [col 12, L20 -col 13, L6] ) 

receiving the policy template at the enforcement point, wherein the policy 
template is transmitted by the repository in response to the query; (Menditto: [col 3, L1- 
29] [col 6, L16-53] [col 9, L37-62] [col 12, L20 -col 13, L6] ) and 

receiving a set of parameters (i.e., attributes) [col 19, L49-65] to be used in the 
policy template (e.g., selected policy enforcer 'settings') [Abstract] [Fig. 5] [col 8,L20-54] 
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at the enforcement point (i.e., 41 1 ) [Fig. 5] [Figs. 1 -4, 1 3-1 4 & 1 7] [col 1 , L65 - col 2, 
L26]. 



While Shanumgam discloses substantial features of the invention, such as Policy 
Server Database 130, Policy Enforcement Points 124 / 126, Policy Settings for the 
Policy Enforcers, and Policy Identifer (ID) Attribute 724 for identifying a particular policy 
rule in the list of policies, and a method of distributing / replicating the 'policies' 
(including their Policy ID) from Policy Server to Policy Enforcers 124 / 126, the 
additionally recited features of the method comprising the steps of determining if a 
policy template is present at an enforcement point in response to receiving an 
identification (ID) assigned to the policy template at the enforcement point; transmitting 
a query from the enforcement point to a repository, where policy templates are stored, 
in response to the policy template not being present at the enforcement point, wherein 
the query includes the ID assigned to the policy template; and receiving the policy 
template at the enforcement point, wherein the policy template is transmitted by the 
repository in response to the query are disclosed by Menditto in a related endeavor. 

Menditto discloses as his invention an information service provider network that 
includes a content gateway to process requests for information from a client terminal. 
The content gateway includes a router for receiving a request for information from the 
client terminal. The router forwards the request according to the domain name to a 
selected one of a plurality of processors to further process the request. The selected 
one of the plurality of processors identifies an information source to satisfy the request 
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in response to the additional content of the request [Abstract] [col 1, L45-53] [Figs. 1 & 
3]. As part of his invention, Menditto discloses that "Content Gateways 18 distribute 
information from content providers 14 either directly or through content delivery nodes 
22 to client terminals 16 according to Content Gateway Policy Manager 26 (CGPM). 
CGPM 26 is a management node in information service provider 12 that serves as a 
repository for content policies and communicates with content gateways 18 to distribute 
content policies within information service provider 12 and exchange policies with other 
CGPMs in other information service providers" [col 2, L43-53]. 

In particular, Menditto discloses the additionally recited features of the method 
comprising the steps of determining if a policy template is present at an enforcement 
point in response to receiving an identification (ID) assigned to the policy template at the 
enforcement point; transmitting a query from the enforcement point to a repository, 
where policy templates are stored, in response to the policy template not being present 
at the enforcement point, wherein the query includes the ID assigned to the policy 
template; and receiving the policy template at the enforcement point, wherein the policy 
template is transmitted by the repository in response to the query [col 3, L1-29][col 6, 
L16-53] (e.g., "...content policy may be downloaded to content gateway 18 on- 
demand....") [col 7, L1-53] [col 8, L27-30] (e.g., ...content policy associated with a 
query... receiving policy updates from CGPM 26 and processing subsequent requests 
according to the newly installed policy.) [col 9, L37-62] [col 12, L20 -col 13, L6]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to combine and/or modify Shanumgam's invention with the above said 
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additionally recited features, as disclosed by Menditto for the motivation of providing 
systems and method for processing a request for information in a network that has 
considerable advantages over conventional routing techniques (e.g. determining a 
source of information based on the additional content of a request apart from the 
domain name associated therewith) [col 1 , L54 - col 2, L2]. 

Further, while the combination of Shanumgam and Menditto discloses substantial 
features of the invention, as above, the additional recited feature of wherein the policy 
template includes a form of "if a first parameter then a second parameter", the policy 
template and the parameters being transmitted separately to reduce use of 
communication resources by factoring the template and parameters to be used in the 
template and to permit different parameters to be transmitted from time to time to 
replace previous parameters in the policy template without the need of transmitting the 
entire policy template again to further reduce use of communication resources is well- 
known and expressly disclosed in view of Applicant's Admitted own Prior Art. 

With respect to Applicant's background for his own invention, Applicant states the 
following: 

"Policies may be defined or developed to control software applications, network 
management, e-commerce or business or similar communications or data 
processing activities . Such policies may include 'if-then' clauses or similar 
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statements or definitions. An example of one policy may be "if some 
precondition, then perform some predefined action, or set some value or the 
like." In another example, the policy may be "if some precondition and some 
other precondition or preconditions, then perform some predefined action, set 
some value or the like." Policies can have a typical lifecycle. Over time, policies 
may be updated to meet changing conditions or needs or may become outdated 
and deleted or changed to new policies. Efficiently defining, storing, distributing 
and enforcing policies can be a challenge . Under some circumstances only 
minor changes or selected parameters or values used in a policy or related group 
of policies may need to be changed. Defining an entirely new policy or policies, 
distributing the policies to all enforcement points and making adjustments at each 
of the enforcement points to implement and enforce the policies may be 
burdensome, time consuming and involve inefficient use of limited data 
processing, storage and communication resources." [Application Background of 
the Invention: 0002] 



It would thus be obvious to combine and/or modify the combination of 
Shanumgam and Menditto with the above well-known feature as disclosed by Applicant 
for the motivation of efficiently providing 'updates' to policies and/or policy templates 
that defined the policies, including policy parameters that comprise the policy / policy 
templates. 
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As per Claim 25, Shanumgam discloses the system of claim 23, wherein each 
enforcement point comprises: 

a processor to receive the IDs assigned to each policy template (policy server 
122 /policy enforcers 124/ 126) [Fig. 1]; and 

a data source to store each policy template for enforcement and assigned ID, 
wherein the processor forms and transmits a query in response to each policy template 
corresponding to any transmitted IDs not present in the data source (e.g., repositories 
130, 132, 134) [Fig. 1] [Figs. 3-4 & 12-19] 

As per Claim 27, Shanumgam discloses the system of claim 26, further comprising a 
server to interface between each policy administrator, each enforcement point and the 
repository [Fig. 1]. 



3. Claims 6, 18, 32 and 41 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Shanumgam et al (hereinafter Shanumgam), U.S. Patent US 7,032,022 B1 in view 
of Menditto et al (hereinafter Menditto), U.S. Patent 6,981 ,029 and in further view of 
Widegren et al (hereinafter Widegren), U.S. Patent 6,621,793. 

As per Claims 6, 1 8, 32 and 41 , Shanumgam in view of Menditto and in further view of 
Widegren discloses the method of claim 1, further comprising applying asynchronous, 
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out-of-band communication to transmit the query and any policy templates. 

While the combination of Shanumgam and Menditto discloses substantial 
features of the invention such as the method of claim 5, and transmitting of policy 
templates in response to a query from the enforcement points, the added feature of the 
method further comprising applying asynchronous, out-of-band communication to 
transmit the query and any policy templates is disclosed by Widegren in a related 
endeavor. 

Widegren discloses as his invention a method of filtering and gating data flow in 
a QoS connection between a remote host and user equipment in a packet data 
network using policy control mechanisms includes a remote host initiating an 
application in an application server and a corresponding session between the remote 
host and the user equipment ("UE") via the application server. The UE requests, to a 
gateway support node ("GGSN") of the network, establishment of a network bearer 
service between the UE and the remote host. A corresponding policy control function 
("PCF") in a policy server receives, from the application server, filtering data derived 
from session data received by the application server during the session. The GGSN 
interrogates the corresponding PCF in the policy server to initialize a gate using policy 
control filtering data at the GGSN. The gate then filters the data flow in the QoS 
connection according to the policy control filtering data [Abstract]. In particular, 
Widegren discloses the added feature of the method further comprising applying 
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asynchronous, out-of-band communication to transmit the query and any policy 

templates (e.g., asynchronous notification) [col 22, L41-53]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to modify the combination of Shanumgam and Menditto's invention with the 
added feature of the method further comprising applying asynchronous, out-of-band 
communication to transmit the query and any policy templates, as disclosed by 
Widegren, for the motivation of providing a method of filtering and gating data in packet 
data networks using policy mechanisms [col 1, L15-17]. 



4. Claims 7, 19, 20, 33 and 42 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Shanumgam et al (hereinafter Shanumgam), U.S. Patent US 
7,032,022 B1 in view of Menditto et al (hereinafter Menditto), U.S. Patent 6,981 ,029 and 
in further view of and in further view of Danieli, U.S. Patent 6,510,513. 

As per Claims 7, 19, 20, 33 and 42, Shanumgam view of Menditto and in further view of 
Danieli discloses the method of claim 1 , further comprising compressing each policy 
template before transmitting to the enforcement point or any of the selected 
enforcement points. 

While the combination of Shanumgam and Menditto discloses substantial 
features of the invention such as the method of claim 5, and transmitting of policy 
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templates in response to a query from the enforcement points, the added feature of the 
method further comprising compressing each policy template before transmitting to the 
enforcement point or any of the selected enforcement points is disclosed by Danieli in a 
related endeavor. 

Danieli discloses as his invention a Security services and policy enforcement for 
electronic data. A first client generates a digest from the electronic data, and submits a 
security certificate request containing the digest to a trusted arbitrator server, where 
the request is time stamped and logged. The trusted arbitrator authenticates the first 
client's credentials and returns the security certificate to the first client. The data and 
security certificate are combined to create a distribution unit. A second client acquires 
the distribution unit, extracts the security certificate, and generates a digest from the 
data. If the digest from the second client matches the logged digest from the first 
client, the data is valid. Depending on the certificate type and policy level, the trusted 
arbitrator server provides other services to the clients, such as notification of improper 
user of the data [Abstract]. In particular, Danieli discloses the added feature of the 
method further comprising compressing each policy template before transmitting to the 
enforcement point or any of the selected enforcement points [col 16, L21-36]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to modify the combination of Shanumgam and Menditto's invention with the 
added feature of the method further comprising compressing each policy template 
before transmitting to the enforcement point or any of the selected enforcement points, 
as disclosed by Danieli, for the motivation of providing a system and method for 
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authenticating and validating electronic data and enforcing restrictions (e.g. policies) on 
the use of electronic data [col 1 , L5-10]. 

5. Claims 8, 9, 21, 22, 34, 43 and 44 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Shanumgam et al (hereinafter Shanumgam), U.S. Patent US 
7,032,022 B1 in view of Menditto et al (hereinafter Menditto), U.S. Patent 6,981 ,029 and 
in further view of Valente et al (hereinafter Valente), U.S. Patent Publication US 
2003/0110192 A1. 

As per Claims 8, 21 , 34 and 43, Shanumgam in view of Menditto and in further view of 
Valente discloses the method of claim 1 , further comprising forming the policy template 
in a structured document. 

While the combination of Shanumgam and Menditto discloses substantial 
features of the invention such as the method of claim 1 , and transmitting of policy 
templates in response to a query from the enforcement points, the added feature of the 
method further comprising forming each policy template in a structured document (e.g., 
XML document) is disclosed by Valente in a related endeavor. 

Valente discloses as his invention a Security services and policy enforcement for 
electronic data. A first client generates a digest from the electronic data, and submits a 
security certificate request containing the digest to a trusted arbitrator server, where 
the request is time stamped and logged. The trusted arbitrator authenticates the first 
client's credentials and returns the security certificate to the first client. The data and 
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security certificate are combined to create a distribution unit. A second client acquires 
the distribution unit, extracts the security certificate, and generates a digest from the 
data. If the digest from the second client matches the logged digest from the first 
client, the data is valid. Depending on the certificate type and policy level, the trusted 
arbitrator server provides other services to the clients, such as notification of improper 
user of the data [Abstract]. In particular, Valente discloses the added feature of the 
method further comprising forming each policy template in a structured document 
[Abstract] (e.g., XML file 602a) [Fig. 6]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to modify the combination of Shanumgam and Menditto's invention with the 
added feature of the method further comprising forming each policy template in a 
structured document (e.g., XML document), as disclosed by Valente, for the motivation 
of providing a system and method for authenticating and validating electronic data and 
enforcing restrictions (e.g. policies) on the use of electronic data [col 1, L5-10]. 

As per Claims 9, 22 and 44, Shanumgam in view of Menditto and in further view of 
Valente disclosthe method of claim 1 , further comprising forming the policy template in a 
mark-up language. 

While the combination of Shanumgam and Menditto discloses substantial 
features of the invention such as the method of claim 5, and transmitting of policy 
templates in response to a query from the enforcement points, the added feature of the 
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method further comprising forming each policy template in a mark-up language is 
disclosed by Valente in a related endeavor. 

Valente discloses as his invention a Security services and policy enforcement for 
electronic data. A first client generates a digest from the electronic data, and submits a 
security certificate request containing the digest to a trusted arbitrator server, where 
the request is time stamped and logged. The trusted arbitrator authenticates the first 
client's credentials and returns the security certificate to the first client. The data and 
security certificate are combined to create a distribution unit. A second client acquires 
the distribution unit, extracts the security certificate, and generates a digest from the 
data. If the digest from the second client matches the logged digest from the first 
client, the data is valid. Depending on the certificate type and policy level, the trusted 
arbitrator server provides other services to the clients, such as notification of improper 
user of the data [Abstract]. In particular, Valente discloses the added feature of the 
method further comprising forming each policy template in a mark-up language 
[Abstract] (e.g., XML file 602a) [Fig. 6]. 

It would thus be obvious to one of ordinary skill in the art at the time of the 
invention to modify the combination of Shanumgam and Menditto's invention with the 
added feature of the method further comprising forming each policy template in a 
structured document (e.g., XML document), as disclosed by Valente, for the motivation 
of providing a system and method for authenticating and validating electronic data and 
enforcing restrictions (e.g. policies) on the use of electronic data [col 1, L5-10]. 
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Conclusion 

1 . The Examiner has cited particular columns and line numbers in the references 
applied to the claims above for the convenience of the applicant. Although the specified 
citations are representative of the teachings of the art and are applied to specific 
limitations within the individual claim, other passages and figures may apply as well. It 
is respectfully requested from the applicant in preparing responses, to fully consider the 
references in entirety as potentially teaching all or part of the claimed invention, as well 
as the context of the passage as taught by the prior art or disclosed by the Examiner. 

2. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Glenford Madamba whose telephone number is 571- 
272-7989. The examiner can normally be reached on M-F 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Wallace Martin can be reached on 571-272-3440. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 
872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



/John Follansbee/ Glenford Madamba 

Supervisory Patent Examiner, Art Unit 2151 Examiner 

Art Unit 2151 



